Re: [squid-users] WCCP issue

From: Masood Ahmad Shah <[email protected]>
Date: Sat, 13 Sep 2003 10:29:59 +0500

Awie,

Check have you place
ip wccp redirect out
on your router interface.:)

-- 
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
|   * * * * * * * * * * * * * * * * * * * * * * * *
|   Fibre Net (Pvt) Ltd. Lahore, Pakistan
|   Tel: +92-42-6677024
|   Mobile: +92-300-4277367
|   http://www.fibre.net.pk
|   * * * * * * * * * * * * * * * * * * * * * * * *
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)
----- Original Message ----- 
From: "Awie" <awie@eksadata.com>
To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
<squid-users@squid-cache.org>
Sent: Friday, September 12, 2003 5:56 PM
Subject: Re: [squid-users] WCCP issue
| The situation change so fast as I tried some possibilities. After I change
| the WCCP version in the squid.conf to be 4. The router captured a correct
| things as below:
|
| dpr-gtw-01#sh ip w w d
| WCCP Cache-Engine information:
|         IP Address:            my.squid.ip.addr
|         Protocol Version:      0.4
|         State:                 Usable
|         Initial Hash Info:     00000000000000000000000000000000
|                                00000000000000000000000000000000
|         Assigned Hash Info:    FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
|                                FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
|         Hash Allotment:        256 (100.00%)
|         Packets Redirected:    0
|         Connect Time:          00:01:37
|
| It seems becoming better than before (compare to my last email). I also
| disabled the CEF at the interface that has ip wccp command.
| However, the packet still was not redirected
|
| Thx & Rgds,
|
| Awie
|
| ----- Original Message -----
| From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
| To: "Awie" <awie@eksadata.com>; "Squid-users"
<squid-users@squid-cache.org>
| Sent: Friday, September 12, 2003 5:26 PM
| Subject: Re: [squid-users] WCCP issue
|
|
| > Awie,
| >
| > Better to change IOS as you was running before. There must be something
| > wrong with IOS or WCCP module. If wccp module is working f9 then better
to
| > change IOS.
| >
| > --
| >
| > Best Regs,
| > Masood Ahmad Shah
| > System Administrator
| >
| > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > |   Fibre Net (Pvt) Ltd. Lahore, Pakistan
| > |   Tel: +92-42-6677024
| > |   Mobile: +92-300-4277367
| > |   http://www.fibre.net.pk
| > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > Unix is very simple, but it takes a genius to understand the simplicity.
| > (Dennis Ritchie)
| >
| > ----- Original Message -----
| > From: "Awie" <awie@eksadata.com>
| > To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
| > <squid-users@squid-cache.org>
| > Sent: Friday, September 12, 2003 1:55 PM
| > Subject: Re: [squid-users] WCCP issue
| >
| >
| > | Masood,
| > |
| > | Seems the problem because of CEF issue. My router has IOS version
| > 12.1.(3)T
| > | that pretty old (as my friend at Cisco said), perhaps having problem
| with
| > IP
| > | GRE as stated in the FAQ below:
| > |
| > | *******************************************
| > |
| > | IOS 12.x problems
| > | Some people report problems with WCCP and IOS 12.x. They see truncated
| or
| > | fragmented GRE packets arriving at the cache. Apparently it works if
you
| > | disable Cisco Express Forwarding for the interface:
| > |
| > | conf t
| > | ip cef          # some systems may already have 'ip cef global'
| > | int Ethernet 0/0      (or int FastEthernet 0/0 or other internal
| > interface)
| > | no ip route-cache cef
| > | CTRL Z
| > |
| > | This may well be fixed in later releases of IOS.
| > |
| > | *******************************************
| > |
| > | Now, I use route map instead WCCP and run normally, but I still want
to
| > use
| > | WCCP. As it is save and better than route map.
| > |
| > | Your advise please.
| > |
| > | Thx & Rgds,
| > |
| > | Awie
| > |
| > | ----- Original Message -----
| > | From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
| > | To: "Awie" <awie@eksadata.com>; "Squid-users"
| > <squid-users@squid-cache.org>
| > | Sent: Friday, September 12, 2003 1:33 PM
| > | Subject: Re: [squid-users] WCCP issue
| > |
| > |
| > | > no by default squid enable wccp ... so no need to compile with wccp
| > | support.
| > | > if you want to disable wccp then you can put --disable-wccp.
| > | > There is some buggy IOS in cisco they did not redirect traffic or
did
| > not
| > | > allot hash code. so better to change your IOS on cisco router.
| > | > if it does not solve porblem then better to check wccp module....
| > | > lsmod | grep wccp
| > | >
| > | >
| > | > onthing more make sure you have ip wccp redirect out on your router
| > border
| > | > interface
| > | >
| > | > --
| > | >
| > | > Best Regs,
| > | > Masood Ahmad Shah
| > | > System Administrator
| > | >
| > | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > | > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > | > |   Fibre Net (Pvt) Ltd. Lahore, Pakistan
| > | > |   Tel: +92-42-6677024
| > | > |   Mobile: +92-300-4277367
| > | > |   http://www.fibre.net.pk
| > | > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > | > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > | > Unix is very simple, but it takes a genius to understand the
| simplicity.
| > | > (Dennis Ritchie)
| > | >
| > | > ----- Original Message -----
| > | > From: "Awie" <awie@eksadata.com>
| > | > To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
| > | > <squid-users@squid-cache.org>
| > | > Sent: Friday, September 12, 2003 9:11 AM
| > | > Subject: Re: [squid-users] WCCP issue
| > | >
| > | >
| > | > | After I clear WCCP statistic, I found a strange condition as
below:
| > | > |
| > | > | dpr-gtw-01#sh ip wccp
| > | > | Global WCCP information:
| > | > |     Router information:
| > | > |         Router Identifier:                   my.router.ip.adrr
| > | > |         Protocol Version:                    1.0
| > | > |
| > | > |     Service Identifier: web-cache
| > | > |         Number of Cache Engines:             1
| > | > |         Number of routers:                   1
| > | > |         Total Packets Redirected:            0
| > | > |         Redirect access-list:                redirect-to-squid
| > | > |         Total Packets Denied Redirect:       0
| > | > |         Total Packets Unassigned:            4578
| > | > |         Group access-list:                   squid-cache
| > | > |         Total Messages Denied to Group:      0
| > | > |         Total Authentication failures:       0
| > | > |
| > | > | dpr-gtw-01#sh ip wccp web-cache detail
| > | > | WCCP Cache-Engine information:
| > | > |         IP Address:            aaa.aaa.aaa.aaa
| > | > |         Protocol Version:      0.3
| > | > |         State:                 Usable
| > | > |         Initial Hash Info:     00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Assigned Hash Info:    00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Hash Allotment:        0 (0.00%)
| > | > |         Packets Redirected:    0
| > | > |         Connect Time:          00:08:25
| > | > |
| > | > | dpr-gtw-01#sh ip wccp web-cache detail
| > | > | WCCP Cache-Engine information:
| > | > |         IP Address:            aaa.aaa.aaa.aaa
| > | > |         Protocol Version:      0.3
| > | > |         State:                 Usable
| > | > |         Initial Hash Info:     00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Assigned Hash Info:    00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Hash Allotment:        0 (0.00%)
| > | > |         Packets Redirected:    0
| > | > |         Connect Time:          00:08:30
| > | > |
| > | > | dpr-gtw-01#sh ip wccp web-cache detail
| > | > | WCCP Cache-Engine information:
| > | > |         IP Address:            aaa.aaa.aaa.aaa
| > | > |         Protocol Version:      0.3
| > | > |         State:                 Usable
| > | > |         Initial Hash Info:     00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Assigned Hash Info:    00000000000000000000000000000000
| > | > |                                00000000000000000000000000000000
| > | > |         Hash Allotment:        0 (0.00%)
| > | > |         Packets Redirected:    0
| > | > |         Connect Time:          00:08:30
| > | > |
| > | > | There are only Unassigned Packets displayed and the HASH Allotment
| is
| > 0.
| > | I
| > | > | suspect it is because of Linux / Squid issue instead Cisco IOS.
| > | > |
| > | > | I configured the Squid without any parameter. Should I use
| > | > the --enable-wccp
| > | > | parameters?
| > | > |
| > | > | Thx & Rgds,
| > | > |
| > | > | Awie
| > | > |
| > | > | ----- Original Message -----
| > | > | From: "Awie" <awie@eksadata.com>
| > | > | To: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>; "Squid-users"
| > | > | <squid-users@squid-cache.org>
| > | > | Sent: Thursday, September 11, 2003 11:24 PM
| > | > | Subject: Re: [squid-users] WCCP issue
| > | > |
| > | > |
| > | > | > Masood,
| > | > | >
| > | > | > Do you mean I can remove the both standard and extend
access-list?
| > | Would
| > | > | you
| > | > | > give me the IOS sample?
| > | > | >
| > | > | > I used the same IOS command as my last succesfull setting that
| using
| > | > both
| > | > | > access-list.
| > | > | >
| > | > | > Thx & Rgds,
| > | > | >
| > | > | > Awie
| > | > | >
| > | > | > ----- Original Message -----
| > | > | > From: "Masood Ahmad Shah" <masood@ipsec.fibre.net.pk>
| > | > | > To: "Awie" <awie@eksadata.com>; "Squid-users"
| > | > | <squid-users@squid-cache.org>
| > | > | > Sent: Thursday, September 11, 2003 9:18 PM
| > | > | > Subject: Re: [squid-users] WCCP issue
| > | > | >
| > | > | >
| > | > | > > if you are using wccp then no need to deny Squid box ip in
| > | > | > redirect-to-squid
| > | > | > > access list. becoz cisco router does not route wccp cache to
| > traffic
| > | > to
| > | > | > wccp
| > | > | > > cache.
| > | > | > >
| > | > | > > --
| > | > | > >
| > | > | > > Best Regs,
| > | > | > > Masood Ahmad Shah
| > | > | > > System Administrator
| > | > | > >
| > | > | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > | > | > > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > | > | > > |   Fibre Net (Pvt) Ltd. Lahore, Pakistan
| > | > | > > |   Tel: +92-42-6677024
| > | > | > > |   Mobile: +92-300-4277367
| > | > | > > |   http://www.fibre.net.pk
| > | > | > > |   * * * * * * * * * * * * * * * * * * * * * * * *
| > | > | > > ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| > | > | > > Unix is very simple, but it takes a genius to understand the
| > | > simplicity.
| > | > | > > (Dennis Ritchie)
| > | > | > >
| > | > | > > ----- Original Message -----
| > | > | > > From: "Awie" <awie@eksadata.com>
| > | > | > > To: "Squid-users" <squid-users@squid-cache.org>
| > | > | > > Sent: Thursday, September 11, 2003 5:43 PM
| > | > | > > Subject: [squid-users] WCCP issue
| > | > | > >
| > | > | > >
| > | > | > > | All,
| > | > | > > |
| > | > | > > | I was succesfull to run WCCP with my old box (Linux 2.2.19
and
| > | Squid
| > | > | > > 2.3.S4)
| > | > | > > | using WCCP patch of Joe Copper.
| > | > | > > |
| > | > | > > | Now, I use new version of Linux 2.4.21 and Squid 2.4S7 and
| Cisco
| > | > 3660
| > | > | > with
| > | > | > > | IOS 12.1. The router did not work well to redirect the
| packets.
| > | > Below
| > | > | > the
| > | > | > > | messages in Linux box and Cisco Router as well.
| > | > | > > |
| > | > | > > |
| > | > | > > | # lsmod
| > | > | > > |
| > | > | > > | Module               Size      Used by        Not Tainted
| > | > | > > | ipt_REDIRECT    1408         1               (autoclean)
| > | > | > > | ip_wccp             1456         0                (unused)
| > | > | > > |
| > | > | > > |
| > | > | > > | dpr-gtw-01#sh ip wccp
| > | > | > > | Global WCCP information:
| > | > | > > |     Router information:
| > | > | > > |         Router Identifier:                   aaa.aaa.aaa.aaa
| > | > | > > |         Protocol Version:                    1.0
| > | > | > > |
| > | > | > > |     Service Identifier: web-cache
| > | > | > > |         Number of Cache Engines:             1
| > | > | > > |         Number of routers:                   1
| > | > | > > |         Total Packets Redirected:            14159
| > | > | > > |         Redirect access-list:
redirect-to-squid
| > | > | > > |         Total Packets Denied Redirect:       17336
| > | > | > > |         Total Packets Unassigned:            222478
| > | > | > > |         Group access-list:                   squid-cache
| > | > | > > |         Total Messages Denied to Group:      0
| > | > | > > |         Total Authentication failures:       0
| > | > | > > |
| > | > | > > | Herewith IOS setting :
| > | > | > > |
| > | > | > > | !
| > | > | > > | ip wccp version 1
| > | > | > > | ip wccp web-cache redirect-list redirect-to-squid group-list
| > | > | squid-cache
| > | > | > > | !
| > | > | > > | !
| > | > | > > | interface Serial1/0
| > | > | > > | Bla..bla...bla.....
| > | > | > > | ip wccp web-cache redirect out
| > | > | > > | !
| > | > | > > | interface Serial1/1
| > | > | > > | Bla..bla...bla.....
| > | > | > > | ip wccp web-cache redirect out
| > | > | > > | !
| > | > | > > | !
| > | > | > > | ip access-list standard squid-cache
| > | > | > > |  permit ip.of.my.Squid
| > | > | > > | !
| > | > | > > | ip access-list extended redirect-to-squid
| > | > | > > |  deny   tcp host ip.of.my.squid any eq www
| > | > | > > |  permit ip my.subnet.block.list any
| > | > | > > |  deny   tcp any any eq www
| > | > | > > | !
| > | > | > > | !
| > | > | > > | !
| > | > | > > |
| > | > | > > | FYI, I have 2 Internet links that attached to both serial of
| > | router.
| > | > | > > |
| > | > | > > | Why did the router display lines below?
| > | > | > > | What does the packet unassigned mean? Is it any non-HTTP
| packet?
| > | > | > > |
| > | > | > > | Total Packets Denied Redirect:       17336
| > | > | > > | Total Packets Unassigned:            222478
| > | > | > > |
| > | > | > > | Your answer is very appreciated and waited for.
| > | > | > > |
| > | > | > > | Thx & Rgds,
| > | > | > > |
| > | > | > > | Awie
| > | > | > > |
| > | > | > > |
| > | > | > > |
| > | > | > > |
| > | > | > >
| > | > | >
| > | > |
| > | > |
| > | > |
| > | >
| > |
| > |
| > |
| > |
| > |
| >
|
|
|
Received on Fri Sep 12 2003 - 23:30:40 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:19:43 MST